The document discusses the software development lifecycle (SDLC). It defines SDLC as a series of phases that provide a model for developing and managing software applications. The key phases discussed are analysis, construction, testing, release, and maintenance. Within testing, the document emphasizes the importance of using tools like Veracode to test for security vulnerabilities without requiring additional resources. It also covers different SDLC methodologies like waterfall and agile approaches. The conclusion restates that the goal of any SDLC is to deliver high-quality, on-time, cost-effective software that is secure, efficient to maintain and cost-effective to enhance over time.
3. What is SDLC?
SDLC means software development lifecycle. A software development
lifecycle is essentially a series of steps or phases that provide a model for
the development and lifecycle management of an application or piece of
software. The methodology within the SDLC process can vary across
industries and organizations, but standards such as ISO/IEC 12207
represent processes that establish a lifecycle for software, and provide a
model for the development, acquisition and configuration of software
systems.
4. Benefits of the SDLC Process
The purpose of an SDLC process is to help produce a product that is cost-efficient,
effective and of high quality. Once an application is created, the SDLC maps the
proper deployment of the software and, once it becomes legacy, its
decommissioning. The SDLC methodology usually contains the following stages: analysis
(requirements and design), construction, testing, release and maintenance
(response). Veracode makes it possible to integrate automated security testing
into the SDLC process through the use of its cloud-based platform.
5. Phases of the Software Development Lifecycle
SDLC starts with the analysis and definition phases, in which the purpose of the software or system
is determined, the goals it needs to accomplish are established, and a set
of definite requirements is developed.
During the software construction or development stage, the actual engineering and writing of the
application is completed. The software is designed and produced, while attempting to accomplish
all of the requirements that were set forth within the previous stage.
Next in the software development lifecycle is the testing phase. Code produced during construction
should be tested using static and dynamic analysis, as well as manual penetration testing, to
ensure that the application is not easily exploitable by hackers, since exploitation could result in a critical
security breach. The advantage of using Veracode during this stage is that by using state-of-the-art
binary analysis (no source code required), the security posture of applications can be verified
without requiring the use of any additional hardware, software or personnel.
6. Phases of the Software Development Lifecycle
Once the software is deemed secure enough for use, it can be
implemented in a beta environment to test real-world usability, and then
pushed to a full release where it enters the maintenance phase. The
maintenance stage allows the application to be adjusted to organizational,
systemic and utilization changes.
8. SDLC Implementation
There are two different types of SDLC that can be used: waterfall and agile. The
major difference between the two is that the waterfall process is more traditional
and begins with a well thought-out plan and defined set of requirements, whereas
agile SDLC begins with less stringent guidelines and then makes adjustments as
needed throughout the process. Agile development is known for its ability to
quickly translate an application that is in development to a full release at nearly
any stage, making it well suited for applications that are updated frequently.
9. Different types of SDLC models:
Several models exist to streamline the development process. Each one has its pros
and cons, and it's up to the development team to adopt the most appropriate one
for the project. Sometimes a combination of the models may be more suitable.
1. Waterfall Model
2. Software Prototyping
3. Joint Applications Design (JAD)
4. Rapid Application Development (RAD)
5. Extreme Programming (XP); extension of earlier work in Prototyping and RAD
6. Open Source Development
7. End-user development
8. Object Oriented Programming
10. Conclusion:
The Systems Development Life Cycle (SDLC) is a process used
by a systems analyst to develop an information system, including
requirements, validation, training, and user (stakeholder)
ownership. Any SDLC should result in a high quality system that
meets or exceeds customer expectations, reaches completion within
time and cost estimates, works effectively and efficiently in the
current and planned Information Technology infrastructure, and is
inexpensive to maintain and cost-effective to enhance.